Description

Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.

This includes covered entities (CE), meaning anyone who provides treatment, payment and operations in healthcare, and business associates (BA), meaning anyone who has access to patient information and provides support in treatment, payment or operations. Subcontractors, or business associates of business associates, must also be in compliance.

Why should you attend

HIPAA violations can prove quite costly for healthcare organizations. First, the HIPAA Breach Notification Rule within the omnibus set of regulations requires covered entities and any affected business associates to notify patients following a data breach. In addition to the notification costs, healthcare organizations can encounter fines after HIPAA audits mandated by the HITECH Act and conducted by the Office for Civil Rights (OCR). Providers could also face criminal penalties stemming from violations of the HIPAA privacy and security rules.

According to the US Department of Health and Human Services Office for Civil Rights, between April 2003 and January 2013 it received 91,000 complaints of HIPAA violations, of which 22,000 led to enforcement actions of varying kinds (from settlements to fines) and 521 led to referrals to the US Dept of Justice (criminal actions). Examples of significant breaches of protected information and other HIPAA violations include:
• the largest loss of data, which affected 4.9 million people, by Tricare Management of Virginia in 2011
• the largest fine, of $4.3 million, levied against Cignet Health of Maryland in 2010 for ignoring patients' requests to obtain copies of their own records and repeatedly ignoring federal officials' inquiries
• the first criminal indictment, lodged in 2011 against a Virginia physician who shared information with a patient's employer "under the false pretenses that the patient was a serious and imminent threat to the safety of the public, when in fact he knew that the patient was not such a threat"

Organizations can lower their risk of regulatory action through HIPAA compliance training programs. This webinar will give participants the tools that they need to ensure their organization is compliant with HIPAA regulations. It will clear up any ambiguity or misinterpretation in any area of HIPAA or HITECH and will equip the participant with the latest happenings in this area.

Note: “HIPAA Certified” is not the same as “HIPAA compliant”. No third party or hosting provider can make your organization HIPAA compliant. There is also no certification program recognized by the federal governing body of the HIPAA standard, the Department of Health and Human Services (HHS) and the Office for Civil Rights (OCR).